Add enacl:crypto_sign_ed25519_seed_keypair/1.

c_src/enacl_nif.c

@@ -147,6 +147,29 @@ ERL_NIF_TERM enif_crypto_sign_ed25519_keypair(ErlNifEnv *env, int argc, ERL_NIF_
 	return enif_make_tuple2(env, enif_make_binary(env, &pk), enif_make_binary(env, &sk));
 }
 
+static
+ERL_NIF_TERM enif_crypto_sign_ed25519_seed_keypair(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
+	ErlNifBinary pk, sk, seed;
+
+	if ((argc != 1)
+			|| (!enif_inspect_binary(env, argv[0], &seed))
+			|| (seed.size != crypto_sign_ed25519_SEEDBYTES)) {
+		return enif_make_badarg(env);
+	}
+
+	if (!enif_alloc_binary(crypto_sign_ed25519_PUBLICKEYBYTES, &pk)) {
+		return nacl_error_tuple(env, "alloc_failed");
+	}
+
+	if (!enif_alloc_binary(crypto_sign_ed25519_SECRETKEYBYTES, &sk)) {
+		return nacl_error_tuple(env, "alloc_failed");
+	}
+
+	crypto_sign_ed25519_seed_keypair(pk.data, sk.data, seed.data);
+
+	return enif_make_tuple2(env, enif_make_binary(env, &pk), enif_make_binary(env, &sk));
+}
+
 static
 ERL_NIF_TERM enif_crypto_sign_ed25519_public_to_curve25519(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
 	ErlNifBinary curve25519_pk, ed25519_pk;
@@ -220,6 +243,11 @@ ERL_NIF_TERM enif_crypto_sign_ed25519_SECRETKEYBYTES(ErlNifEnv *env, int argc, E
 	return enif_make_int64(env, crypto_sign_ed25519_SECRETKEYBYTES);
 }
 
+static
+ERL_NIF_TERM enif_crypto_sign_ed25519_SEEDBYTES(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
+	return enif_make_int64(env, crypto_sign_ed25519_SEEDBYTES);
+}
+
 /* Public-key cryptography */
 static
 ERL_NIF_TERM enif_crypto_box_NONCEBYTES(ErlNifEnv *env, int argc, ERL_NIF_TERM const argv[]) {
@@ -1096,11 +1124,13 @@ static ErlNifFunc nif_funcs[] = {
 	{"crypto_curve25519_scalarmult", 2, enif_crypto_curve25519_scalarmult, ERL_NIF_DIRTY_JOB_CPU_BOUND},
 
 	{"crypto_sign_ed25519_keypair", 0, enif_crypto_sign_ed25519_keypair, ERL_NIF_DIRTY_JOB_CPU_BOUND},
+	{"crypto_sign_ed25519_seed_keypair", 1, enif_crypto_sign_ed25519_seed_keypair, ERL_NIF_DIRTY_JOB_CPU_BOUND},
 	{"crypto_sign_ed25519_public_to_curve25519", 1, enif_crypto_sign_ed25519_public_to_curve25519},
 	{"crypto_sign_ed25519_secret_to_curve25519", 1, enif_crypto_sign_ed25519_secret_to_curve25519},
 	{"crypto_sign_ed25519_sk_to_pk", 1, enif_crypto_sign_ed25519_sk_to_pk},
 	{"crypto_sign_ed25519_PUBLICKEYBYTES", 0, enif_crypto_sign_ed25519_PUBLICKEYBYTES},
 	{"crypto_sign_ed25519_SECRETKEYBYTES", 0, enif_crypto_sign_ed25519_SECRETKEYBYTES},
+	{"crypto_sign_ed25519_SEEDBYTES", 0, enif_crypto_sign_ed25519_SEEDBYTES},
 
 	{"randombytes", 1, enif_randombytes, ERL_NIF_DIRTY_JOB_CPU_BOUND},
 

src/enacl.erl

@@ -73,11 +73,13 @@
 %% Ed 25519.
 -export([
 	crypto_sign_ed25519_keypair/0,
+	crypto_sign_ed25519_seed_keypair/1,
 	crypto_sign_ed25519_public_to_curve25519/1,
 	crypto_sign_ed25519_secret_to_curve25519/1,
 	crypto_sign_ed25519_sk_to_pk/1,
 	crypto_sign_ed25519_public_size/0,
-	crypto_sign_ed25519_secret_size/0
+	crypto_sign_ed25519_secret_size/0,
+	crypto_sign_ed25519_seed_size/0
 ]).
 
 %% Low-level functions
@@ -682,6 +684,20 @@ crypto_sign_ed25519_keypair() ->
 	{PK, SK} = enacl_nif:crypto_sign_ed25519_keypair(),
 	#{ public => PK, secret => SK }.
 
+%% @doc crypto_sign_ed25519_seed_keypair/1 creates a new Ed 25519 Public/Secret keypair from a seed.
+%%
+%% Generates and returns a new key pair for the Ed 25519 signature scheme
+%% generated from a deterministically given seed value.
+%%
+%% The return value is a map in order to avoid using the public key as a secret
+%% key and vice versa.
+%%
+%% @end
+-spec crypto_sign_ed25519_seed_keypair(binary()) -> #{ atom() => binary() }.
+crypto_sign_ed25519_seed_keypair(Seed) ->
+	{PK, SK} = enacl_nif:crypto_sign_ed25519_seed_keypair(Seed),
+	#{ public => PK, secret => SK }.
+
 %% @doc crypto_sign_ed25519_public_to_curve25519/1 converts a given Ed 25519 public
 %% key to a Curve 25519 public key.
 %% @end
@@ -715,6 +731,10 @@ crypto_sign_ed25519_public_size() ->
 crypto_sign_ed25519_secret_size() ->
 	enacl_nif:crypto_sign_ed25519_SECRETKEYBYTES().
 
+-spec crypto_sign_ed25519_seed_size() -> pos_integer().
+crypto_sign_ed25519_seed_size() ->
+	enacl_nif:crypto_sign_ed25519_SEEDBYTES().
+
 %% Obtaining random bytes
 
 %% @doc randombytes/1 produces a stream of random bytes of the given size

src/enacl_nif.erl

@@ -85,11 +85,13 @@
 %% Ed 25519
 -export([
 	crypto_sign_ed25519_keypair/0,
+	crypto_sign_ed25519_seed_keypair/1,
 	crypto_sign_ed25519_public_to_curve25519/1,
 	crypto_sign_ed25519_secret_to_curve25519/1,
 	crypto_sign_ed25519_sk_to_pk/1,
 	crypto_sign_ed25519_PUBLICKEYBYTES/0,
-	crypto_sign_ed25519_SECRETKEYBYTES/0
+	crypto_sign_ed25519_SECRETKEYBYTES/0,
+	crypto_sign_ed25519_SEEDBYTES/0
 ]).
 
 %% Miscellaneous helper functions
@@ -188,11 +190,13 @@ crypto_onetimeauth_verify_b(_Authenticator, _Msg, _Key) -> erlang:nif_error(nif_
 crypto_curve25519_scalarmult(_Secret, _BasePoint) -> erlang:nif_error(nif_not_loaded).
 
 crypto_sign_ed25519_keypair() -> erlang:nif_error(nif_not_loaded).
+crypto_sign_ed25519_seed_keypair(_Seed) -> erlang:nif_error(nif_not_loaded).
 crypto_sign_ed25519_public_to_curve25519(_PublicKey) -> erlang:nif_error(nif_not_loaded).
 crypto_sign_ed25519_secret_to_curve25519(_SecretKey) -> erlang:nif_error(nif_not_loaded).
 crypto_sign_ed25519_sk_to_pk(_SecretKey) -> erlang:nif_error(nif_not_loaded).
 crypto_sign_ed25519_PUBLICKEYBYTES() -> erlang:nif_error(nif_not_loaded).
 crypto_sign_ed25519_SECRETKEYBYTES() -> erlang:nif_error(nif_not_loaded).
+crypto_sign_ed25519_SEEDBYTES() -> erlang:nif_error(nif_not_loaded).
 
 crypto_hash(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded).
 crypto_hash_b(Input) when is_binary(Input) -> erlang:nif_error(nif_not_loaded).